forked from stupidpupil/https-keyscript
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathinitramfs.sh
More file actions
executable file
·104 lines (75 loc) · 2.43 KB
/
initramfs.sh
File metadata and controls
executable file
·104 lines (75 loc) · 2.43 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
#!/bin/sh
# This script builds an initramfs and then runs the keyscript.sh tests within it.
# In this way, it tests that that initramfs *hooks* work as intended,
# and that the keyscript works in the reduced environment of the initramfs.
if [ -z "$TEST_INSTALLED" ]; then
if (dpkg -s https-keyscript | grep "Status:.*installed" > /dev/null); then
echo "Warning: https-keyscript is installed"
fi
else
if ! (dpkg -s https-keyscript | grep "Status:.*installed" > /dev/null); then
echo "https-keyscript is not installed"
exit 1
fi
fi
#
# Build the initramfs
#
INITRAMFS_ROOT="tmp/initramfs"
if [ -d "$INITRAMFS_ROOT" ]; then
echo "$INITRAMFS_ROOT already exists!"
exit 1
fi
mkdir "$INITRAMFS_ROOT"
mkinitramfs -c gzip -o "$INITRAMFS_ROOT/initramfs.gz"
(cd "$INITRAMFS_ROOT"; zcat "initramfs.gz" | cpio -idmv 2>/dev/null)
echo "initramfs built"
#
# Run the initramfs hooks and install the keyscript, if necessary
#
if [ -z "$TEST_INSTALLED" ]; then
DESTDIR="$(pwd)/$INITRAMFS_ROOT"
export DESTDIR
for f in src/etc/initramfs-tools/hooks/*.sh
do
bash "$f"
done
echo "initramfs hooks run"
mkdir -p "$INITRAMFS_ROOT/lib/cryptsetup/scripts"
cp "src/lib/cryptsetup/scripts/wget_or_ask" "$INITRAMFS_ROOT/lib/cryptsetup/scripts/wget_or_ask"
echo "keyscript copied"
else
# If there's no reference to the keyscript in the crypttab it won't be installed in the initramfs
if ! [ -x "$INITRAMFS_ROOT/lib/cryptsetup/scripts/wget_or_ask" ]; then
mkdir -p "$INITRAMFS_ROOT/lib/cryptsetup/scripts"
cp "/lib/cryptsetup/scripts/wget_or_ask" "$INITRAMFS_ROOT/lib/cryptsetup/scripts/wget_or_ask"
fi
fi
#
# Setup the initramfs environment for testing
#
# By default, initramfs' busybox doesn't include sha256sum
cp "/bin/busybox" "$INITRAMFS_ROOT/bin/sha256sum"
# Cloudflare
echo 'nameserver 1.1.1.1' > "$INITRAMFS_ROOT/etc/resolv.conf"
echo 'nameserver 1.0.0.1' >> "$INITRAMFS_ROOT/etc/resolv.conf"
# Quad 9
echo 'nameserver 9.9.9.9' >> "$INITRAMFS_ROOT/etc/resolv.conf"
echo 'nameserver 9.9.9.10' >> "$INITRAMFS_ROOT/etc/resolv.conf"
if [ ! -d "$INITRAMFS_ROOT/dev/" ]; then
mkdir "$INITRAMFS_ROOT/dev/"
mount -o bind /dev "$INITRAMFS_ROOT/dev/"
fi
cp -r "tests/" "$INITRAMFS_ROOT/tests/"
mkdir "$INITRAMFS_ROOT/tmp"
chroot "$INITRAMFS_ROOT" busybox sh "/tests/keyscript.sh"
exitCode=$?
sleep 1
#
# Remove the initramfs
#
umount "$INITRAMFS_ROOT/dev"
if [ $? -eq 0 ]; then
rm -r "$INITRAMFS_ROOT"
fi
exit "$exitCode"